{"id":17,"date":"2013-02-26T20:32:40","date_gmt":"2013-02-26T20:32:40","guid":{"rendered":"http:\/\/faculty.engineering.ucdavis.edu\/template\/?page_id=17"},"modified":"2016-07-18T16:00:37","modified_gmt":"2016-07-18T16:00:37","slug":"publications","status":"publish","type":"page","link":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/publications\/","title":{"rendered":"Publications"},"content":{"rendered":"<h3>2012<\/h3>\n<ul>\n<li>S. Whalen, S. Peisert, and M. Bishop, \u201cMulticlass Classification of Distributed Memory Parallel Computations,\u201d <i>Pattern Recognition Letters<\/i> (2012).<\/li>\n<li>S. Peisert, E. Talbot, and M. Bishop, \u201cTurtles All The Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems,\u201d <i>Proceedings of the 2012 New Security Paradigms Workshop<\/i> (Sep. 2012).<\/li>\n<li>M. Bishop and S. Peisert, \u201cSecurity and Elections,\u201d <i>IEEE Security and Privacy<\/i> <b>10<\/b>(5) pp. 64\u201367 (Sep. 2012).<\/li>\n<li>M. Bishop, \u201cLearning and Experience in Computer Security Education,\u201d <i>Actas de la XII Reuni\u00f3n Espa\u00f1ola sobre Criptolog\u00eda y Seguridad de la Informaci\u00f3n <\/i> pp. 1\u20136 (Sep. 2012).<\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/voteattack.pdf\">H. Phan, G. Avrunin, M. Bishop, L. Clarke, and L. Osterweil, \u201cA Systematic Process-Model-Based Approach for Synthesizing Attacks and Evaluating Them,\u201d <i>Proceedings of the 2012 USENIX\/ACCURATE Electronic Voting Technology Workshop<\/i> (Aug. 2012).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2012-cisse\">K. Nance, B. Hay, and M. Bishop, \u201cSecure Coding Education: Are We Making Progress?,\u201d <i>Proceedings of the 16<sup>th<\/sup> Colloquium for Information Systems Security Education<\/i> (June 2012).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2012-eicar\">R. Ford, M. Carvalho, L. Mayron, and M. Bishop, \u201cTowards Metrics for Cyber Security,\u201d <i>21<sup>st<\/sup> EICAR Annual Conference Proceedings<\/i> pp. 151\u2013159 (May 2012).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2012-ieeetdsc\">M. Bishop, S. Engle, D. Howard, and S. Whalen, \u201cA Taxonomy of Buffer Overflow Characteristics,\u201d <i>IEEE Transactions on Dependable and Secure Computing<\/i> <b>9<\/b>(3) pp. 305\u2013317 (May 2012).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2012-hicss\">B. Hay, K. Nance, M. Bishop, and L. McDaniel, \u201cAre Your Papers in Order? Developing and Enforcing Multi-tenancy and Migration Policies in the Cloud,\u201d <i>Proceedings of the 45th Hawaii International Conference on System Science<\/i> pp. 5473\u20135479 (Jan. 2012).<\/a><\/li>\n<\/ul>\n<h2>2011<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-gtip\">M. Bishop, C. Gates, P. Yellowlees and G. Silberman, \u201cFacebook Goes to the Doctor,\u201d <i>Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies<\/i> pp. 13&#8211;20 (Dec. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-hst\">J. Hunker, C. Gates, and M. Bishop, \u201cAttribution Requirements for Next Generation Internets,\u201d <i>Proceedings of the 2011 IEEE International Conference on Technologies for Homeland Security<\/i> pp. 345&#8211;350 (Nov. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-malware-2\">M. Ramilli, M. Bishop, and S. Sun, \u201cMultiprocess Malware,\u201d <i>Proceedings of the 6th International Conference on Malicious and Unwanted Software<\/i> (Oct. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-malware-1\">M. Bishop, R. Ford, and M. Ramilli, \u201cResults-Oriented Security,\u201d <i>Proceedings of the 6th International Conference on Malicious and Unwanted Software<\/i> (Oct. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-nspw\">M. Bishop, M. Carvalho, R. Ford, and L. Mayron, \u201cResilience is More Than Availability,\u201d <i>Proceedings of the 2011 New Security Paradigms Workshop<\/i> pp. 95&#8211;104 (Sep. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-ttap\">C. Gates and M. Bishop, \u201cOne of These Records Is Not Like the Other,\u201d <i>Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance<\/i> (June 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-caches\">S. Whalen, S. Peisert, and M. Bishop, \u201cNetwork-Theoretic Classification of Parallel Computation Patterns,\u201d <i>Proceedings of the First International Workshop on Characterizing Applications for Heterogeneous Exascale Systems<\/i> (June 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-petrae\">M. Clifford and M. Bishop, \u201cTrust of Medical Devices, Applications, and Users in Pervasive Healthcare,\u201d <i>Proceedings of the Fourth International Conference on Pervasive Technologies Related to Assistive Environments<\/i> (May 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-wise-2\">M. Bishop and C. Elliott, \u201cRobust Programming by Example,\u201d <i>Proceedings of the Seventh World Conference on Information Security Education<\/i> pp. 23\u201330 (June 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-wise-1\">M. Bishop and K. Nance, \u201cThe Strengths and Challenges of Analogical Approaches to Computer Security Education,\u201d <i>Proceedings of the Seventh World Conference on Information Security Education<\/i> pp. 96\u2013102 (June 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-ieeesp\">M. Bishop, \u201cTeaching Security Stealthily,\u201d <i>IEEE Security and Privacy<\/i> <b>9<\/b>(2) pp. 69\u201371 (Mar. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-hicss-2\">M. Bishop, B. Hay, and K. Nance, \u201cApplying Formal Methods Informally,\u201d <i>Proceedings of the 44th Hawaii International Conference on System Sciences<\/i> pp. 1\u20138 (Jan. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-hicss-1\">B. Hay, K. Nance, and M. Bishop, \u201cStorm Clouds Rising: Security Challenges for IaaS Cloud Computing,\u201d <i>Proceedings of the 2011 Hawaii International Conference on System Sciences<\/i> pp. 1\u20137 (Jan. 2011).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2011-isecure\">M. Bishop, \u201cComputer Security in the Future,\u201d <i>The ISC International Journal of Information Security<\/i> <b>3<\/b>(1)pp. 3\u201327 (Jan. 2011).<\/a><\/li>\n<\/ul>\n<h2>2010<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-login\">M. Bishop, S. Greenwald, and M. Locasto, \u201cNew Security Paradigms Workshop,\u201d <i>;login:<\/i> <b>35<\/b>(6) pp. 117\u2013124 (Dec. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-malware\">M. Ramilli and M. Bishop, \u201cMulti-Stage Delivery of Malware,\u201d <i>Proceedings of the 5th IEEE International Conference on Malicious and Unwanted Software<\/i> pp. 91\u201397 (Oct. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-nspw\">M. Bishop, J. Cummins, S. Peisert, A. Singh, B. Bhumiratana, D. Agarwal, D. Frincke, and M. Hogarth, \u201cRelationships and Data Sanitization: A Study in Scarlet,\u201d <i>Proceedings of the 2010 New Security Paradigms Workshop<\/i> pp. 151\u2013164 (Sep. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-securecomm\">S. Whalen, M. Bishop, and J. Crutchfield, \u201cHidden Markov Models for Automated Protocol Learning,\u201d <i>Proceedings of SecureComm 2010<\/i> pp. 415\u2013428 (Sep. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-ieeesp-2\">M. Bishop, \u201cTechnology, Training, and Transformation,\u201d <i>IEEE Security and Privacy<\/i> <b>8<\/b>(5) pp. 72\u201375 (Sep. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/voteproc.pdf\">B. Simidchieva, S. Engle, M. Clifford, A. Jones, S. Peisert, M. Bishop, L. Clarke, and L. Osterweil, \u201cModeling and Analyzing Faults to Improve Election Process Robustness,\u201d <i>Proceedings of the 2010 USENIX\/ACCURATE Electronic Voting Technology Workshop<\/i> (Aug. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/reality.pdf\">M. Bishop and C. Hoke, \u201cEssential Baseline Research for UOCAVA-MOVE Act Implementation at the State-Local Levels,\u201d <i>Workshop on UOCAVA Remote Voting Systems<\/i> (Aug. 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-petra\">C. Gates and M. Bishop, \u201cThe Security and Privacy Implications of Using Social Networks to Deliver Healthcare,\u201d <i>Proceedings of the 3rd International Conference on Pervasive Technologies Related to Assistive Environments<\/i> (June 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-acis\">M. Bishop, \u201cTen Years Past and Ten Years from Now,\u201d <i>Actas de la X Journada de Seguridad Inform\u00e1tica<\/i> (June 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-ieeesp-3\">E. Talbot, D. Frincke, and M. Bishop, \u201cDemythifying Security,\u201d <i>IEEE Security and Privacy<\/i> <b>8<\/b>(3) pp. 56\u201359 (May 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-oakland\">P. Neumann, M. Bishop, S. Peisert, and M. Schaefer, \u201cReflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy,\u201d <i>Proceedings of the 2010 IEEE Symposium on Security and Privacy<\/i> pp. 109\u201313 (May 2010).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2010-ieeesp-1\">M. Bishop, \u201cA Clinic for \u2018Secure\u2019 Programming,\u201d <i>IEEE Security and Privacy<\/i> <b>8<\/b>(2) pp. 54\u201356 (Mar. 2010).<\/a><\/li>\n<\/ul>\n<h2>2009<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-acsac\">M. Bishop, \u201cReflections on UNIX Security,\u201d <i>Proceedings of the 25th Annual Computer Security Applications Conference<\/i> pp. 161\u2013184 (Dec. 2009); <i>includes the previously unpublished 1983 paper<\/i> \u201cSecurity Problems with the UNIX Operating System\u201d.<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-sigcse\">S. Cooper, C. Nickell, V. Piotrowski, B. Oldfield, A. Abdallah, M. Bishop, B. Caelli, M. Dark, E. Hawthorne, L. Hoffman, L. P\u00e9rez, C. Pfleeger, R. Raines, C. Schou, and J. Brynielsson, \u201cAn Exploration of the Current State of Information Assurance Education,\u201d <i>ACM SIGCSE Bulletin<\/i> <b>41<\/b>(4) pp. 109\u2013125 (Dec. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-nspw-2\">S. Peisert, M. Bishop, L. Corriss, and S. Greenwald, \u201c<i>Quis Custodiet ipsos Custodes?<\/i> A New Paradigm for Analyzing Security Paradigms,\u201d <i>Proceedings of the 2009 New Security Paradigms Workshop<\/i> pp. 71\u201384 (Sep. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-nspw-1\">M. Bishop, C. Gates, and J. Hunker, \u201cSisterhood of the Traveling Packets,\u201d <i>Proceedings of the 2009 New Security Paradigms Workshop<\/i> pp. 59\u201370 (Sep. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-ieeesp-1\">R. Gardner, M. Bishop, and T. Kohno, \u201cAre Patched Machines Really Fixed?\u201d <i>IEEE Security and Privacy<\/i> <b>7<\/b>(5) pp. 82\u201388 (Sep. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/electfor.pdf\">M. Bishop, S. Peisert, C. Hoke, M. Graff, and D. Jefferson, \u201cE-Voting and Forensics: Prying Open the Black Box,\u201d <i>Proceedings of the 2009 USENIX\/ACCURATE Electronic Voting Technology Workshop<\/i> (Aug. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-wise\">M. Bishop, \u201cSome \u2018Secure Programming\u2019 Exercises for an Introductory Programming Class,\u201d <i>Proceedings of the Seventh World Conference on Information Security Education<\/i> (July 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-petra-2\">B. Bhumiratana and M. Bishop, \u201cPrivacy Aware Data Sharing: Balancing the Usability and Privacy of Datasets,\u201d <i>Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments<\/i> (June 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-petra-1\">Z. Le, M. Bishop and F. Makedon, \u201cStrong Mobile Device Protection from Loss and Capture,\u201d <i>Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments<\/i> (June 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-cisse\">M. Bishop and C. Taylor, \u201cA Critical Analysis of the Centers of Academic Excellence Program,\u201d <i>Proceedings of the 13<sup>th<\/sup> Colloquium for Information Systems Security Education<\/i> (June 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-hsc\">M. Bishop, C. Gates, D. Frincke, and F. Greitzer, \u201cAZALIA: A to Z Assessment of the Likelihood of Insider Attack,\u201d <i>Proceedings of the 2009 IEEE International Conference on Technologies for Homeland Security<\/i> (May 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-ieeesp-2\">B. Hay, K. Nance, and M. Bishop, \u201cLive Analysis: Progress and Challenges,\u201d <i>IEEE Security and Privacy<\/i> <b>7<\/b>(2) pp. 30\u201337 (Mar. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-ares\">K. Nance, B. Hay, and M. Bishop, \u201cInvestigating the Implications of Virtual Machine Introspection for Digital Forensics,\u201d <i>Proceedings of the 2009 International Conference on Availability, Reliability and Security<\/i> pp. 1024\u20131029 (Mar. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-hicss-3\">M. Bishop, S. Engle, S. Peisert, S. Whalen, and C. Gates, \u201cCase Studies of an Insider Framework,\u201d <i>Proceedings of the 2009 Hawaii International Conference on System Sciences<\/i> (Jan. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/votelog.pdf\">S. Peisert, M. Bishop, and A. Yasinsac, \u201cVote Selling, Voter Anonymity, and Forensic Logging of Electronic Voting Machines\u201d <i>Proceedings of the 2009 Hawaii International Conference on System Sciences<\/i> (Jan. 2009).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2009-hicss-1\">K. Nance, B. Hay, and M. Bishop, \u201cDigital Forensics: Defining a Research Agenda,\u201d <i>Proceedings of the 2009 Hawaii International Conference on System Sciences<\/i> (Jan. 2009).<\/a><\/li>\n<\/ul>\n<h2>2008<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2008-nspw\">M. Bishop, S. Engle, C. Gates, S. Peisert, and S. Whalen, \u201cWe Have Met the Enemy and He Is Us,\u201d <i>Proceedings of the 2008 New Security Paradigms Workshop<\/i> pp. 1\u201312 (Sep. 2008).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2008-ieeesp-2\">K. Nance, M. Bishop, and B. Hay, \u201cVirtual Machine Introspection: Observation or Interference?,\u201d <i>IEEE Security and Privacy<\/i> <b>6<\/b>(5) pp. 32\u201337 (Sep. 2008).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2008-sadfe\">S. Peisert, M. Bishop, and K. Marzullo, \u201cComputer Forensics <i>In Forensis<\/i>,\u201d <i>Proceedings of the Third International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering<\/i> pp. 102\u2013122 (May 2008).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2008-csiiw\">M. Bishop and C. Gates, \u201cDefining the Insider Threat,\u201d <i>Proceedings of the Cyber Security and Information Intelligence Research Workshop<\/i> article 15 (May 2008).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/counting.pdf\">A. Yasinsac and M. Bishop, \u201cThe Dynamics of Counting and Recounting Votes,\u201d <i>IEEE Security and Privacy<\/i> <b>6<\/b>(3) pp. 22\u201329 (May 2008).<\/a><\/li>\n<li>M. Bishop, \u201cSome Exercises for an Introductory Class,\u201d <i>Faculty Workshop on Secure Software Development<\/i> (Apr. 2008).<\/li>\n<li>M. Dark and M. Bishop, \u201cEvaluating the Efficacy of Software Security Curriculum Exercises,\u201d <i>Faculty Workshop on Secure Software Development<\/i> (Apr. 2008).<\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2008-acmosr\">S. Peisert, M. Bishop, and K. Marzullo, \u201cComputer Forensics <i>in Forensis<\/i>,\u201d <i>ACM SIGOPS Operating Systems Review<\/i> <b>42<\/b>(3) pp. 112\u2013122 (Apr. 2008).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/votercpts.pdf\">A. Yasinsac and M. Bishop, \u201cOf Paper Trails and Voter Receipts,\u201d <i>Proceedings of the 2008 Hawaii International Conference on System Sciences<\/i> (Jan. 2008).<\/a><\/li>\n<\/ul>\n<h2>2007<\/h2>\n<ul>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/ttbr-risks.pdf\">M. Bishop and D. Wagner, \u201cRisks of E-Voting,\u201d <i>Communications of the ACM<\/i> <b>50<\/b>(11) p. 120 (Nov. 2007).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/hart.pdf\">E. Proebstel, S. Riddle, F. Hsu, J. Cummins, F. Oakley, T. Stanionis, and M. Bishop, \u201cAn Analysis of the Hart Intercivic DAU eSlate,\u201d <i>Proceedings of the 2007 USENIX\/ACCURATE Electronic Voting Technology Workshop<\/i> (Aug. 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-spcolv5n4\">S. Peisert and M. Bishop, \u201cI\u2019m a Scientist, Not a Philosopher!\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>5<\/b>(4) pp. 48\u201351 (July 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-hotdep\">C. Gates, C. Taylor, and M. Bishop, \u201cDependable Security: Testing Network Intrusion Detection Systems,\u201d poster paper, <i>Proceedings of the Third Workshop on Hot Topics in System Dependability<\/i> paper 19 (June 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-wise5-2\">S. Peisert and M. Bishop, \u201cHow to Design Computer Security Experiments,\u201d <i>Proceedings of the World Conference on Information Security Education<\/i> pp. 141\u2013148 (June 2007).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/evote.pdf\">M. Bishop, \u201cE-Voting as a Teaching Tool,\u201d <i>Proceedings of the World Conference on Information Security Education<\/i> pp. 17\u201324 (June 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-sadfe\">S. Peisert, M. Bishop, S. Karin, and K. Marzullo, \u201cTowards Models for Forensic Analysis,\u201d <i>Proceedings of the Second International Workshop on Systematic Approaches to Digital Forensic Engineering<\/i> pp. 3\u201315 (Apr. 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-tdsc\">S. Peisert, M. Bishop, S. Karin, and K. Marzullo, \u201cAnalysis of Computer Intrusions Using Sequences of Function Calls,\u201d <i>IEEE Transactions on Dependable and Secure Computing<\/i> <b>4<\/b>(2) pp. 137\u2013150 (Apr. 2007).<\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/votestds.pdf\">E. Barr, M. Bishop, and M. Gondree, \u201cFixing Federal E-Voting Standards,\u201d <i>Communications of the ACM<\/i> <b>50<\/b>(3) pp. 19\u201324 (Mar. 2007).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2007-tissec\">J. Zhou, M. Heckman, B. Reynolds, A. Carlson, and M. Bishop, \u201cModeling Network Intrusion Detection Alerts for Correlation,\u201d <i>ACM Transactions on Information and System Security<\/i> <b>10<\/b>(1) pp. 1\u201331 (Feb. 2007). <\/a><\/li>\n<li><a href=\"http:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-content\/uploads\/sites\/17\/2013\/02\/evoting.pdf\">M. Bishop and D. Frincke, \u201cAchieving Learning Objectives through E-Voting Case Studies,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>5<\/b>(1) pp. 53\u201356 (Jan. 2007).<\/a><\/li>\n<\/ul>\n<h2>2006<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-jeric\">M. Bishop, \u201cTeaching Context in Information Security,\u201d <i>Journal on Educational Resources in Computing<\/i> <b>6<\/b>(3) article #3 (Sep. 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-nspw-2\">R. Crawford, M. Bishop, B. Bhumiratana, L. Clark, and K. Levitt, \u201cSanitization Models and their Limitations,\u201d <i>Proceedings of the New Security Paradigms Workshop<\/i> pp. 41\u201356 (Sep. 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-nspw-1\">V. Neagoe and M. Bishop, \u201cInconsistency in Deception for Defense,\u201d <i>Proceedings of the New Security Paradigms Workshop<\/i> pp. 31\u201338 (Sep. 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-dimva\">E. Ceesay, J. Zhou, M. Gertz, K. Levitt, and M. Bishop, \u201cUsing Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs,\u201d <i>Proceedings of the GI\/IEEE SIG SIDAR Conference on Detection and Intrusions and Malware and Vulnerability Assessment<\/i> pp. 1\u201316 (July 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-wetice-3\">D. Gilliam, J. Powell, M. Bishop, C. Andrews, and S. Jog, \u201cSecurity Verification Techniques Applied to PatchLink COTS Software,\u201d <i>Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 319\u2013325 (June 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-wetice-2\">M. Bishop, R. Crawford, B. Bhumiratana, L. Clark, and K. Levitt, \u201cSome Problems in Sanitizing Network Data,\u201d <i>Proceedings of the 15th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 307\u2013312 (June 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-wetice-1\">D. Gilliam and M. Bishop, \u201cWETICE 2006 Eleventh Securities Technologies (ST) Workshop Report,\u201d <i>Proceedings of the 15th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise<\/i> pp. 305\u2013306 (June 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-cisse-1\">M. Bishop and S. Engle, \u201cThe Software Assurance CBK and University Curricula,\u201d <i>Proceedings from the Tenth Colloquium on Information Systems Security Education<\/i> pp. 14\u201321 (June 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-cisse-2\">M. Bishop and B. J. Orvis, \u201cA Clinic to Teach Good Programming Practices,\u201d <i>Proceedings from the Tenth Colloquium on Information Systems Security Education<\/i> pp. 168\u2013174 (June 2006).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2006-spcolv4n2\">M. Bishop and D. Frincke, \u201cWho Owns Your Computer?,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>4<\/b>(2) pp. 61\u201363 (Mar. 2006).<\/a><\/li>\n<\/ul>\n<h2>2005<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-acsac\">J. Zhou, A. Carlson, and M. Bishop, \u201cVerify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis,\u201d <i>Proceedings of the 21st Annual Computer Security Applications Conference<\/i> pp. 117\u2013126 (Dec. 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-nspw-3\">S. Peisert, M. Bishop, S. Karin, and K. Marzullo, \u201cPrinciples-Driven Forensic Analysis,\u201d <i>Proceedings of the 2005 New Security Paradigms Workshop<\/i> pp. 85\u201393 (Sep. 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-nspw-2\">M. Bishop, \u201cPosition: \u2018Insider\u2019 is Relative\u201d <i>Proceedings of the New Security Paradigms Workshop<\/i> pp. 77\u201378 (Sep. 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-nspw-1\">M. Bishop, \u201cThe Insider Problem Revisited\u201d <i>Proceedings of the New Security Paradigms Workshop<\/i> pp. 75\u201376 (Sep. 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-spcolv3n5\">M. Bishop and D. Frincke, \u201cTeaching Secure Programming,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>3<\/b>(5) pp. 54\u201356 (Sep. 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-spcolv3n4\">M. Bishop and D. Frincke, \u201cA Human Endeavor: Lessons from Shakespeare and Beyond,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>3<\/b>(4) pp. 49\u201351 (July 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-wetice\">D. Gilliam, J. Powell, and M. Bishop, \u201cApplication of Lightweight Formal Methods to Software Security,\u201d <i>Proceedings of the 14th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 160\u2013165 (June 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-cisse\">M. Bishop, \u201cBest Practices and Worst Assumptions,\u201d <i>Proceedings of the 9th Colloquium for Information Systems Security Education<\/i> pp. 18\u201325 (June 2005).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2005-wise4\">M. Bishop and H. Armstrong, \u201cUncovering Assumptions in Information Security,\u201d <i>Proceedings of the Fourth World Conference on Information Security Education<\/i> pp. 223\u2013231 (May 2005).<\/a><\/li>\n<\/ul>\n<h2>2004<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-tissec\">T. Walcott and M. Bishop, \u201cTraducement: A Model for Record Security,\u201d <i>ACM Transactions on Information Systems Security<\/i> <b>7<\/b>(4) pp. 576\u2013590 (Nov. 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-spcolv2n6\">M. Bishop and D. Frincke, \u201cAcademic Degrees and Professional Certification,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>2<\/b>(6) pp. 56\u201358 (Nov. 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-spcolv2n5\">D. Frincke and M. Bishop, \u201cJoining the Security Education Community,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>2<\/b>(5) pp. 61\u201363 (Sep. 2004). <\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-wecs\">M. Bishop, \u201cTeaching Context in Information Security,\u201d <i>Proceedings of the Sixth Workshop on Education in Computer Security<\/i> pp. 29\u201335 (July 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-spcolv2n4\">D. Frincke and M. Bishop, \u201cBack to School,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>2<\/b>(4) pp. 54\u201356 (July 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-wetice\">M. Bishop, B. Bhumiratana, R. Crawford, and K. Levitt, \u201cHow to Sanitize Data,\u201d <i>Proceedings of the 13th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 217\u2013222 (June 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-spcolv2n3\">D. Frincke and M. Bishop, \u201cGuarding the Castle Keep: Teaching with the Fortress Metaphor,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>2<\/b>(3) pp. 69\u201372 (May 2004).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2004-cacm\">R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne, and S. Wu, \u201cCyber Defense Technology Networking and Evaluation,\u201d <i>Communications of the ACM<\/i> <b>47<\/b>(3) pp. 58\u201361 (Mar. 2004).<\/a><\/li>\n<\/ul>\n<h2>2003<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-acsac\">M. Clifford, D. Faigin, M. Bishop, and T. Brutch, \u201cMiracle Cures and Toner Cartridges: Finding Solutions to the Spam Problem,\u201d <i>Proceedings of the 19th Annual Computer Security Applications Conference<\/i> pp. 428\u2013429 (Dec. 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-nasasew\">D. Gilliam, J. Powell, E. Haugh, and M. Bishop, \u201cAddressing Software Security Risk Mitigation in the Life Cycle,\u201d <i>Proceedings of the 28th Annual NASA\/IEEE Goddard Software Engineering Workshop<\/i> pp. 201\u2013206 (Dec. 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-csp\">M. Bishop and E. Goldman, \u201cThe Strategy and Tactics of Information Warfare,\u201d <i>Contemporary Security Policy<\/i> <b>24<\/b>(1) pp. 113\u2013139 (June 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-wetice\">D. Gilliam, T. Wolfe, J. Sherif, and M. Bishop, \u201cSoftware Security Checklist for the Software Life Cycle,\u201d <i>Proceedings of the 12th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 243\u2013248 (June 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-wise3\">M. Bishop, \u201cTeaching Undergraduate Information Assurance,\u201d <i>Security Education and Critical Infrastructure: Proceedings of the Third World Conference on Information Security Education<\/i> pp. 169\u2013171 (June 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-ndss\">E. Haugh and M. Bishop, \u201cTesting C Programs for Buffer Overflow Vulnerabilities,\u201d <i>Proceedings of the 2003 Symposium on Networked and Distributed System Security<\/i> pp. 123\u2013130 (Feb. 2003).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2003-spcolv1n1\">M. Bishop, \u201cWhat Is Computer Security?,\u201d <i>IEEE Security &amp; Privacy Magazine<\/i> <b>1<\/b>(1) pp. 67\u201369 (Jan. 2003).<\/a><\/li>\n<\/ul>\n<h2>2002<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2002-unixsec\">D. Peterson, M. Bishop, and R. Pandey, \u201cA Flexible Containment Mechanism for Executing Untrusted Code,\u201d <i>Proceedings of the 11th USENIX UNIX Security Symposium<\/i> pp. 207\u2013225 (Aug. 2002).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2002-computer\">M. Bishop, \u201cComputer Security Education: Training, Scholarship, and Research,\u201d <i>IEEE Computer<\/i> <b>35<\/b>(4), Part Privacy and Security Supplement pp. 31\u201333 (Apr. 2002).<\/a><\/li>\n<\/ul>\n<h2>2001<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2001-acsac\">J. Reynolds, M. Bishop, A. Ghosh, and J. Whittaker, \u201cHow Useful is Software Fault Injection for Evaluating the Security of COTS Products,\u201d <i>Proceedings of the 17th Annual Computer Security Applications Conference<\/i> pp. 339\u2013340 (Dec. 2001).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2001-nasasew\">D. Gilliam, J. Powell, J. Kelly, and M. Bishop, \u201cReducing Software Security Risk Through an Integrated Approach,\u201d <i>Proceedings of the 26th Annual NASA\/IEEE Goddard Software Engineering Workshop<\/i> pp. 36\u201342 (Nov. 2001).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2001-wetice\">D. Gilliam, J. Kelly, J. Powell, and M. Bishop, \u201cDevelopment of a Software Security Assessment Instrument to Reduce Software Security Risk,\u201d <i>Proceedings of the 10th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises<\/i> pp. 144\u2013149 (June 2001).<\/a><\/li>\n<\/ul>\n<h2>2000<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2000-acsac\">D. Faigin, M. Clifford, M. Bishop, and M. Abrams, \u201cDefining, Computing, and Interpreting Trust,\u201d <i>Proceedings of the 16th Annual Computer Security Applications Conference<\/i> p. 88 (Dec. 2000).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2000-conc\">M. Bishop, \u201cEducation in Information Security,\u201d <i>IEEE Concurrency<\/i> <b>8<\/b>(4) pp. 4\u20138 (Oct. 2000).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2000-csfw\">T. Aura, M. Bishop, and D. Sniegowski, \u201cAnalyzing Single-Server Network Inhibition,\u201d <i>Proceedings of the 13th IEEE Computer Security Foundations Workshop<\/i> pp.108\u2013117 (July 2000).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2000-compnet\">B. Hashii, S. Malabarba, R. Pandey, and M. Bishop, \u201cSupporting Reconfigurable Security Policies for Mobile Programs,\u201d <i>Computer Networks<\/i> <b>33<\/b>(1-6) pp. 77\u201393 (June 2000).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/2000-oakland\">J. Hughes, T. Aura, and M. Bishop, \u201cUsing Conservation of Flow as a Security Mechanism in Network Protocols,\u201d <i>Proceedings of the 2000 IEEE Symposium on Security and Privacy<\/i> pp. 132\u2013141 (May 2000).<\/a><\/li>\n<\/ul>\n<h2>1999<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1999-nissc\">M. Bishop, \u201cWhat Do We Mean By \u2018Computer Security Education\u2019?,\u201d <i>Proceedings of the 22nd National Information Systems Security Conference<\/i> p. 604 (Oct. 1999).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1999-raid\">M. Bishop, \u201cVulnerabilities Analysis,\u201d <i>Proceedings of the Symposium on Recent Advances in Intrusion Detection<\/i> pp. 125\u2013136 (Sep. 1999).<\/a><\/li>\n<\/ul>\n<h2>1998<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1998-acsac\">M. Clifford, C. Lavine, and M. Bishop, \u201cThe Solar Trust Model: Authentication Without Limitation,\u201d <i>Proceedings of the 14th Annual Computer Security Applications Conference<\/i> pp. 300\u2013307 (Dec. 1998).<\/a><\/li>\n<li>M. Bishop, S. Cheung, J. Frank, J. Hoagland, S. Samorodin, and C. Wee, \u201cInternet Attacks: How they Occur and How to Protect Against Them,\u201d Engineering World <b>8<\/b>(3) pp. 32\u201338 (June\/July 1998); abridged from \u201cThe Threat from the Net,\u201d <i>IEEE Spectrum<\/i> <b>34<\/b>(8) pp. 56\u201363 (Aug. 1997).<\/li>\n<\/ul>\n<h2>1997<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1997-spect\">M. Bishop, S. Cheung, J. Frank, J. Hoagland, S. Samorodin, and C. Wee, \u201cThe Threat from the Net,\u201d <i>IEEE Spectrum<\/i> <b>34<\/b>(8) pp. 56\u201363 (Aug. 1997).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1997-sen\">G. Fink and M. Bishop, \u201cProperty Based Testing: A New Approach to Testing for Assurance,\u201d <i>ACM SIGSOFT Software Engineering Notes<\/i> <b>22<\/b>(4) pp. 74\u201380 (July 1997).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1997-ncisse\">M. Bishop, \u201cThe State of INFOSEC Education in Academia: Present and Future Directions,\u201d <i>Proceedings of the National Colloquium on Information System Security Education<\/i> pp. 19\u201333 (Apr. 1997).<\/a><\/li>\n<li><a href=\"http:\/\/www.cne.gmu.edu\/modules\/acmpkp\/security\/map_frm.html\">P. Denning and M. Bishop, <i>Network and Data Security<\/i>, ACM Professional Knowledge Program, http:\/\/www.cne.gmu.edu\/modules\/acmpkp\/security\/map_frm.html (Mar. 1997).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1997-cihw\">M. Bishop, \u201cInformation Survivability, Security, and Fault Tolerance,\u201d <i>Proceedings of the Information Survivability Workshop<\/i>, paper #6 (Feb. 1997).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1997-wecs\">M. Bishop, \u201cTeaching Computer Security,\u201d <i>Proceedings of the Workshop on Education in Computer Security<\/i> pp. 78\u201382 (Jan. 1997).<\/a><\/li>\n<\/ul>\n<h2>1996<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1996-jcs\">M. Bishop, \u201cConspiracy and Information Flow in the Take-Grant Protection Model,\u201d <i>Journal of Computer Security<\/i> <b>4<\/b>(4) pp. 331\u2013359 (1996).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1996-nissc-2\">L. Heberlein and M. Bishop, \u201cAttack Class: Address Spoofing,\u201d <i>Proceedings of the Nineteenth National Information Systems Security Conference<\/i> pp. 371\u2013377 (Oct. 1996).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1996-nissc-1\">M. Bishop and L. Heberlein, \u201cAn Isolated Network for Research,\u201d <i>Proceedings of the Nineteenth National Information Systems Security Conference<\/i> pp. 349\u2013360 (Oct. 1996).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1996-compsys\">&gt;M. Bishop and M. Dilger, \u201cChecking for Race Conditions in File Accesses,\u201d <i>Computing Systems<\/i> <b>9<\/b>(2) pp. 131\u2013152 (Spring 1996).<\/a><\/li>\n<\/ul>\n<h2>1995<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1995-nissc\">M. Bishop, \u201cA Standard Audit Trail Format,\u201d <i>Proceedings of the Eighteenth National Information Systems Security Conference<\/i> pp. 136\u2013145 (Oct. 1995).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1995-compsec\">M. Bishop and D. Klein, \u201cImproving System Security Through Proactive Password Checking,\u201d <i>Computers and Security<\/i> <b>14<\/b>(3) pp. 233\u2013249 (May\/June 1995).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1995-jcs\">M. Bishop, \u201cTheft of Information in the Take-Grant Protection Model,\u201d <i>Journal of Computer Security<\/i> <b>3<\/b>(4) pp. 283\u2013309 (1994\/1995).<\/a><\/li>\n<\/ul>\n<h2>1994<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1994-compsys\">M. Bishop, \u201cGuest Editorial,\u201d <i>Computing Systems<\/i> <b>7<\/b>(4) pp. v-vii (Winter 1994).<\/a><\/li>\n<\/ul>\n<h2>1993<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1993-icis\">M. Bishop, \u201cTeaching Computer Security,\u201d <i>Proceedings of the Eighth International Conference on Information Security<\/i> pp. 43\u201352 (May 1993).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1993-jire\">M. Bishop, \u201cRecent Changes to Privacy-Enhanced Electronic Mail,\u201d <i>Journal of Internetworking: Research and Experience<\/i> <b>4<\/b>(1) pp. 47\u201359 (Mar. 1993).<\/a><\/li>\n<\/ul>\n<h2>1992<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1992-unixsec\">M. Bishop, \u201cAnatomy of a Proactive Password Checker,\u201d <i>Proceedings of the Third UNIX Security Symposium<\/i> pp. 130\u2013139 (Sep. 1992).<\/a><\/li>\n<li>M. Bishop, \u201cProactive Password Checking,\u201d Proceedings of the Fourth Workshop on Computer Security Incident Handling pp. W11:1\u20139 (Aug. 1992).<\/li>\n<li>M. Bishop, \u201cA Cautionary Tale,\u201d Proceedings of the Workshop on Future Directions in Computer Misuse and Anomaly Detection, pp. 110\u2013114 (Mar. 1992).<\/li>\n<\/ul>\n<h2>1991<\/h2>\n<ul>\n<li>M. Bishop, \u201cPrivacy-Enhanced Electronic Mail,\u201d <i>Journal of Internetworking: Research and Experience<\/i> <b>2<\/b>(4) pp. 199\u2013233 (Dec. 1991).<\/li>\n<li>M. Bishop, \u201cComparing Authentication Systems,\u201d <i>Proceedings of the Third Workshop on Computer Incident Handling<\/i> pp. G\u2013II\u20131:10 (Aug. 1991).<\/li>\n<li>M. Bishop, \u201cA Proactive Password Checker,\u201d <i>Proceedings of the Seventh International Conference on Information Security<\/i> pp. 169\u2013181 (May 1991).<\/li>\n<li>M. Bishop, \u201cAn Overview of Computer Viruses in a Research Environment,\u201d <i>Proceedings of the Fourth Annual Computer Virus and Security Conference<\/i>, pp. 111\u2013144 (Mar. 1991).<\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1991-compcon\">M. Bishop, \u201cPassword Management,\u201d <i>Proceedings of Compcom Spring \u201991: Digest of Papers<\/i>, pp. 167\u2013169 (Feb. 1991).<\/a><\/li>\n<li>M. Bishop, \u201cAuthenticated Network News,\u201d <i>Proceedings of the 1991 Winter USENIX Conference<\/i>, pp. 281\u2013287 (Jan. 1991).<\/li>\n<\/ul>\n<h2>1990<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1990-acsac\">M. Bishop, \u201cA Security Analysis of the NTP Protocol,\u201d <i>Proceedings of the 6th Annual Computer Security Applications Conference<\/i>, pp. 20\u201329 (Dec. 1990).<\/a><\/li>\n<li>M. Bishop, \u201cAn Extensible Password Changing Program,\u201d <i>Proceedings of the UNIX Security Workshop II<\/i>, pp. 15\u201316 (Aug. 1990).<\/li>\n<li>M. Bishop, \u201cCollaboration Using Roles,\u201d <i>Software\u2014Practice and Experience<\/i> <b>20<\/b>(5) pp. 485\u2013498 (May 1990).<\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1990-cjourv8n5\">M. Bishop, \u201cStorage in C,\u201d <i>C Users\u2019 Journal<\/i> <b>8<\/b>(5) pp. 73\u201378 (May 1990).<\/a><\/li>\n<\/ul>\n<h2>1989<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1989-acsac\">M. Bishop, \u201cA Model of Security Monitoring,\u201d <i>Proceedings of the 5th Annual Computer Security Applications Conference<\/i>, pp. 46\u201352 (Dec. 1989).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1989-super\">M. Bishop, \u201cU<small>NIX<\/small>\u2122 Security in a Supercomputing Environment,\u201d <i>Proceedings of the 1989 ACM\/IEEE Conference on Supercomputing<\/i> pp. 693\u2013698 (Nov. 1989).<\/a><\/li>\n<li>M. Bishop, \u201cPrivacy-Enhanced Electronic Mail,\u201d <i>Proceedings of the DIMACS Workshop on Distributed Computing and Cryptography<\/i>, pp. 93\u2013106 (Oct. 1989).<\/li>\n<\/ul>\n<h2>1988<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1988-unixsec\">M. Bishop, \u201cAuditing Files on a Network of UNIX Machines,\u201d <i>Proceedings of the UNIX Security Workshop<\/i> pp. 51\u201352 (Aug. 1988).<\/a><\/li>\n<li>M. Bishop, \u201cTheft of Information in the Take-Grant Protection Model,\u201d <i>Proceedings of the Workshop on Foundations of Computer Security<\/i>, MITRE TR M88-37, pp. 194\u2013218 (June 1988).<\/li>\n<li>M. Bishop, \u201cAn Application of a Fast Data Encryption Standard Implementation,\u201d <i>Computing Systems<\/i> <b>1<\/b>(3) pp. 221\u2013254 (Summer 1988).<\/li>\n<\/ul>\n<h2>1987<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1987-spe\">M. Bishop, \u201cProfiling under UNIX\u2122 by Patching,\u201d <i>Software\u2014Practice and Experience<\/i> <b>17<\/b>(10) pp. 729\u2013740 (Oct. 1987).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1987-decpro\">M. Bishop, \u201cFile Protection in UNIX,\u201d <i>The DEC Professional Special Edition<\/i> pp. 44\u201348 (June 1987).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1987-lisa\">M. Bishop, \u201cSharing Accounts,\u201d <i>Proceedings of the Large Installation System Administrator\u2019s Workshop<\/i>, p. 135 (Apr. 1987).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1987-cjourv3n1\">M. Bishop, \u201cArray Names and Pointers,\u201d <i>The C Journal<\/i> <b>3<\/b>(1) pp. 44\u201346 (Spring 1987).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1987-login\">M. Bishop, \u201cHow To Write A Setuid Program,\u201d <i>;login:<\/i> <b>12<\/b>(1) pp. 5\u201311 (Jan.\/Feb. 1987).<\/a><\/li>\n<\/ul>\n<h2>1986<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-acsac\">M. Bishop and B. Leiner, \u201cAccess Control and Privacy in Large Distributed Systems,\u201d <i>Proceedings of the AIAA\/ASIS\/DODCI Second Aerospace Computer Security Conference: A Collection of Technical Papers<\/i>, pp. 95\u201398 (Dec. 1986).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-fjcc\">M. Bishop, \u201cAnalyzing the Security of an Existing Computer System,\u201d <i>Proceedings of the 1986 Fall Joint Computer Conference<\/i> pp. 1115\u20131119 (Nov. 1986).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-textcomp\">M. Bishop, \u201cTrnum\u2014A Program to Number Figures,\u201d <i>Text in Computers<\/i> <b>1<\/b>(1) pp. 9\u201315 (July 1986).<\/a><\/li>\n<li>M. Bishop, \u201cHow To Write A Setuid Program,\u201d <i>Cray User Group Proceedings<\/i> pp. 110\u2013111 (Spring 1986).<\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-cjourv2n1\">M. Bishop, \u201cScope in C,\u201d <i>The C Journal<\/i> <b>2<\/b>(1) pp. 40\u201347 (Spring 1986).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-cjourv1n4\">M. Bishop, \u201cPortability in C\u2014A Case Study,\u201d <i>The C Journal<\/i> <b>1<\/b>(4) p. 25\u201331 (Winter 1986).<\/a><\/li>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1986-compsecNEW\">M. Bishop, &#8220;A Pauper\u2019s Callback Scheme,&#8221; Computers and Security 5(2) pp. 141-144 (June 1986).<\/a><\/li>\n<\/ul>\n<h2>1981<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1981-sosp\">M. Bishop, \u201cHierarchical Take-Grant Protection Systems,\u201d <i>Proceedings of the Eighth Symposium in Operating Systems Principles<\/i> pp. 107\u2013123 (Dec. 1981).<\/a><\/li>\n<\/ul>\n<h2>1979<\/h2>\n<ul>\n<li><a href=\"http:\/\/nob.cs.ucdavis.edu\/bishop\/papers\/1979-sosp\">M. Bishop and L. Snyder, \u201cThe Transfer of Information and Authority in a Protection System,\u201d <i>Proceedings of the Seventh Symposium in Operating Systems Principles<\/i> pp. 45\u201354 (Dec. 1979).<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>2012 S. Whalen, S. Peisert, and M. Bishop, \u201cMulticlass Classification of Distributed Memory Parallel Computations,\u201d Pattern Recognition Letters (2012). S. Peisert, E. Talbot, and M. Bishop, \u201cTurtles All The Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems,\u201d Proceedings of the 2012 New Security Paradigms Workshop (Sep. 2012). M. \u2026 <a class=\"continue-reading-link\" href=\"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/publications\/\"> Continue reading <span class=\"meta-nav\">&rarr; <\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"template-twocolumns-left.php","meta":{"inline_featured_image":false,"ngg_post_thumbnail":0,"footnotes":""},"class_list":["post-17","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/pages\/17","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/comments?post=17"}],"version-history":[{"count":11,"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/pages\/17\/revisions"}],"predecessor-version":[{"id":208,"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/pages\/17\/revisions\/208"}],"wp:attachment":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/bishop\/wp-json\/wp\/v2\/media?parent=17"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}